CN115242545A - Security management method and system for Internet of Things device data - Google Patents
- Publication number: CN115242545A (application CN202210940575.6A)
- Authority: CN (China)
- Legal status: Granted
Classifications
- H04L63/0478: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload, applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
- H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
- H04L63/0869: Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
- H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L9/14: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
Description
Technical field
The invention relates to the field of information and data security, and in particular to a security management method and system for Internet of Things (IoT) device data.
Background
With the rapid development of computer technology, IoT smart-home systems are being adopted in more and more young households. A high degree of intelligence and automation brings considerable convenience and can, to some extent, improve the quality of daily home life.
At the same time, however, the networking and intelligence of smart-home devices create additional security risks for household information equipment. The growing number of interfaces on the home network makes it easier for unauthorized persons to intrude into and compromise it; more interfaces mean more points of entry, which seriously affects the security of household information and the home network.
Summary of the invention
The purpose of the present invention is to provide a security management method and system for IoT device data that solves the problems raised in the background above.
To achieve this, the invention provides the following technical solution:
A security management system for IoT device data, comprising:
a data response module, configured to obtain request verification data, encrypt it several times at random through a preset multiple-encryption program, and generate and forward multi-dimensional encrypted data; the multiple-encryption program comprises several sets of encryption schemes, each encryption scheme corresponds to a different IoT terminal, and the multi-dimensional encrypted data carries encryption scheme identification bits;
a data mutual recognition module, configured to receive the multi-dimensional encrypted data and check its highest encryption scheme identification bit against the module's own preset identification code; if it matches and the total number of encryption scheme identification bits is greater than one, the module decrypts the multi-dimensional encrypted data according to the preset encryption scheme and forwards it; if the total number of encryption scheme identification bits is one, it triggers execution of the information identification program;
an information identification module, configured to execute the information identification program, which comprises the steps of: identifying the multi-dimensional encrypted data against a preset data identification library, making a security judgment on the multi-dimensional encrypted data, and generating and forwarding a request verification judgment result; the request verification result carries a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
a request response module, configured to check the identification bit against its own preset identification code in order to receive the request verification judgment result, respond to that result, and obtain and respond to the device control requests and data read/write requests that correspond to the request verification data.
As a further aspect of the invention: the system also comprises a collaborative authentication module, which comprises:
an identity authentication unit, configured to obtain an object access request, extract the object identity information it contains, and build request verification data from that object identity information; the request verification data is used to request authentication of the object identity information, and the object identity information includes biometric identification information;
a device authentication unit, configured to obtain an IoT terminal access request, extract and verify the terminal identity information it contains, and, if verification passes, request the biometric identification information of the operating subject and build request verification data from that biometric information in order to authenticate the operator.
As a still further aspect of the invention: the request response module comprises an information identification unit;
the information identification unit is configured to obtain the device control request and the data read/write request and to identify and respond to them through a preset instruction response library; if the device control request or the data read/write request falls outside the preset instruction response library, it stops responding to them, requests the biometric identification information of the operating subject, and builds request verification data from that biometric information in order to authenticate the operator.
As a still further aspect of the invention: the system also comprises a state synchronization module;
the state synchronization module is configured to determine the connection state of each of the several IoT terminals and to mark the several sets of encryption schemes according to those connection states, where the marking invalidates the encryption scheme corresponding to any IoT terminal whose connection state is offline.
As a still further aspect of the invention: both the data mutual recognition module and the data identification module are provided with a response marking unit, configured to mark the response to the request verification judgment result according to the identification code; when a response is made to the request verification judgment result, the response mark is checked against the encryption scheme identification bits, and the request verification judgment result is responded to only if it matches.
An embodiment of the invention also provides a security management method for IoT device data, comprising the steps of:
obtaining request verification data, encrypting it several times at random through a preset multiple-encryption program, and generating and forwarding multi-dimensional encrypted data; the multiple-encryption program comprises several sets of encryption schemes, each encryption scheme corresponds to a different IoT terminal, and the multi-dimensional encrypted data carries encryption scheme identification bits;
receiving the multi-dimensional encrypted data and checking its highest encryption scheme identification bit against the receiver's own preset identification code; if it matches and the total number of encryption scheme identification bits is greater than one, decrypting the multi-dimensional encrypted data according to the preset encryption scheme and forwarding it; if the total number of encryption scheme identification bits is one, triggering execution of the information identification program;
the information identification program comprising the steps of: identifying the multi-dimensional encrypted data against a preset data identification library, making a security judgment on the multi-dimensional encrypted data, and generating and forwarding a request verification judgment result; the request verification result carries a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme;
checking the identification bit against the receiver's own preset identification code in order to receive the request verification judgment result, responding to that result, and obtaining and responding to the device control requests and data read/write requests that correspond to the request verification data.
As a further aspect of the invention: the method also comprises the steps of:
obtaining an object access request, extracting the object identity information it contains, and building request verification data from that object identity information; the request verification data is used to request authentication of the object identity information, and the object identity information includes biometric identification information;
obtaining an IoT terminal access request, extracting and verifying the terminal identity information it contains, and, if verification passes, requesting the biometric identification information of the operating subject and building request verification data from that biometric information in order to authenticate the operator.
As a still further aspect of the invention: the step of obtaining and responding to the device control request and data read/write request corresponding to the request verification data specifically comprises:
obtaining the device control request and the data read/write request and identifying and responding to them through a preset instruction response library; if the device control request or the data read/write request falls outside the preset instruction response library, stopping the response to them, requesting the biometric identification information of the operating subject, and building request verification data from that biometric information in order to authenticate the operator.
Compared with the prior art, the beneficial effects of the invention are: it protects the information and data security of smart-home devices and can effectively prevent unauthorized devices from taking link control of the smart home or stealing its data. Compared with the simple identity verification used by existing smart-home IoT devices, the mutual encrypted authentication between multiple IoT devices in this application avoids the data security problem that arises when a single device is intruded upon and cracked, and raises the security of the smart-home IoT device group as a whole.
Brief description of the drawings
FIG. 1 is a block diagram of a security management system for IoT device data.
FIG. 2 is a block diagram of the collaborative authentication module in a security management system for IoT device data.
FIG. 3 is a flowchart of a security management method for IoT device data.
Detailed description of the embodiments
In order to make the objectives, technical solution and advantages of the invention clearer, the invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the invention and do not limit it.
The specific implementation of the invention is described in detail below with reference to specific embodiments.
As shown in FIG. 1, an embodiment of the invention provides a security management system for IoT device data, comprising:
a data response module 100, configured to obtain request verification data, encrypt it several times at random through a preset multiple-encryption program, and generate and forward multi-dimensional encrypted data; the multiple-encryption program comprises several sets of encryption schemes, each encryption scheme corresponds to a different IoT terminal, and the multi-dimensional encrypted data carries encryption scheme identification bits.
A data mutual recognition module 300, configured to receive the multi-dimensional encrypted data and check its highest encryption scheme identification bit against the module's own preset identification code; if it matches and the total number of encryption scheme identification bits is greater than one, the module decrypts the multi-dimensional encrypted data according to the preset encryption scheme and forwards it; if the total number of encryption scheme identification bits is one, it triggers execution of the information identification program.
An information identification module 500, configured to execute the information identification program, which comprises the steps of: identifying the multi-dimensional encrypted data against a preset data identification library, making a security judgment on the multi-dimensional encrypted data, and generating and forwarding a request verification judgment result; the request verification result carries a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme.
A request response module 700, configured to check the identification bit against its own preset identification code in order to receive the request verification judgment result, respond to that result, and obtain and respond to the device control requests and data read/write requests that correspond to the request verification data.
This embodiment discloses a security management system for IoT device data that is suited to the IoT network of a smart home. It protects the information and data security of smart-home devices and can effectively prevent unauthorized devices from taking link control of the smart home or stealing its data. Compared with the simple identity verification used by existing smart-home IoT devices, the mutual encrypted authentication between multiple IoT devices in this application avoids the data security problem that arises when a single device is intruded upon and cracked, and raises the security of the smart-home IoT device group as a whole. In use, when the user or an unauthorized person connects over the wireless network to any one of the smart-home devices, the request verification data that is generated, or the data verification content of the attempted connection, is randomly encrypted several times by the data response module 100. Each random encryption corresponds to one set of encryption schemes, each of which in turn corresponds to a different smart-home device (that is, an IoT device); the encrypted data is then forwarded. The data mutual recognition module 300 of each other smart-home device removes the outermost encryption layer when that layer's encryption scheme matches its own; when only one encryption layer remains, the device uses its own data identification library to identify the encrypted content and thereby judges the identity or safety of the request (each smart-home device's data identification library is fixed and unique to it). Once verification finally passes, the verification result is returned to the smart-home device that accepted the request, which responds to the corresponding request content through its request response module 700. At the same time, this multi-device collaborative authentication also lets the other devices relay a danger signal outward and notify the user when one device is intruded upon.
As shown in FIG. 2, in another preferred embodiment of the invention the system also comprises a collaborative authentication module 900, which comprises:
an identity authentication unit 901, configured to obtain an object access request, extract the object identity information it contains, and build request verification data from that object identity information; the request verification data is used to request authentication of the object identity information, and the object identity information includes biometric identification information.
A device authentication unit 902, configured to obtain an IoT terminal access request, extract and verify the terminal identity information it contains, and, if verification passes, request the biometric identification information of the operating subject and build request verification data from that biometric information in order to authenticate the operator.
This embodiment adds the collaborative authentication module 900 and the related division of functions. The identity authentication unit 901 authenticates other devices that connect to the smart-home devices: it passes the object access request into the data response module 100 so that the mutual encrypted authentication between devices can judge the object's identity. The identity data packets (the data segments containing the object identity information) therefore remain encrypted throughout the identity verification process, so that even if an intruder obtains an identity data packet, for example by packet capture, its encrypted state prevents it from being used for identity authentication during an intrusion. The device authentication unit 902 acts when one of the several smart-home IoT devices is disconnected: that device must pass an actual authentication operation by the owner before it can rejoin the network group, which further reduces the probability of an intrusion that captures connection-request packets by repeatedly disconnecting a device.
In another preferred embodiment of the invention, the request response module 700 comprises an information identification unit;
the information identification unit is configured to obtain the device control request and the data read/write request and to identify and respond to them through a preset instruction response library; if the device control request or the data read/write request falls outside the preset instruction response library, it stops responding to them, requests the biometric identification information of the operating subject, and builds request verification data from that biometric information in order to authenticate the operator.
In this embodiment, the information identification unit performs the step of identifying the instructions received by the IoT device. The instruction response library consists of the safe, executable instructions established by the user, so a higher-level instruction that falls outside the library requires authentication to confirm identity.
In another preferred embodiment of the invention, the system also comprises a state synchronization module;
the state synchronization module is configured to determine the connection state of each of the several IoT terminals and to mark the several sets of encryption schemes according to those connection states, where the marking invalidates the encryption scheme corresponding to any IoT terminal whose connection state is offline.
Further, both the data mutual recognition module 300 and the data identification module 500 are provided with a response marking unit, configured to mark the response to the request verification judgment result according to the identification code; when a response is made to the request verification judgment result, the response mark is checked against the encryption scheme identification bits, and the request verification judgment result is responded to only if it matches.
In this embodiment, the role of the state synchronization module is to avoid the situation in which, after a smart-home device goes offline, the other devices still encrypt according to that device's encryption scheme and verification can no longer pass. The response marking unit marks the process of decrypting and identifying the multi-dimensional encrypted data so that it can be checked, in order to distinguish hijacking by another device from normal decryption.
As shown in FIG. 3, the invention also provides a security management method for IoT device data, comprising:
S200: obtaining request verification data, encrypting it several times at random through a preset multiple-encryption program, and generating and forwarding multi-dimensional encrypted data; the multiple-encryption program comprises several sets of encryption schemes, each encryption scheme corresponds to a different IoT terminal, and the multi-dimensional encrypted data carries encryption scheme identification bits.
S400: receiving the multi-dimensional encrypted data and checking its highest encryption scheme identification bit against the receiver's own preset identification code; if it matches and the total number of encryption scheme identification bits is greater than one, decrypting the multi-dimensional encrypted data according to the preset encryption scheme and forwarding it; if the total number of encryption scheme identification bits is one, triggering execution of the information identification program.
S600: the information identification program comprises the steps of: identifying the multi-dimensional encrypted data against a preset data identification library, making a security judgment on the multi-dimensional encrypted data, and generating and forwarding a request verification judgment result; the request verification result carries a receiving identification bit, and the data identification library is a basic character database compiled through the encryption scheme.
S800: checking the identification bit against the receiver's own preset identification code in order to receive the request verification judgment result, responding to that result, and obtaining and responding to the device control requests and data read/write requests that correspond to the request verification data.
In another preferred embodiment of the invention, the method also comprises the steps of:
obtaining an object access request, extracting the object identity information it contains, and building request verification data from that object identity information; the request verification data is used to request authentication of the object identity information, and the object identity information includes biometric identification information.
Obtaining an IoT terminal access request, extracting and verifying the terminal identity information it contains, and, if verification passes, requesting the biometric identification information of the operating subject and building request verification data from that biometric information in order to authenticate the operator.
In another preferred embodiment of the invention, the step of obtaining and responding to the device control request and data read/write request corresponding to the request verification data specifically comprises:
obtaining the device control request and the data read/write request and identifying and responding to them through a preset instruction response library; if the device control request or the data read/write request falls outside the preset instruction response library, stopping the response to them, requesting the biometric identification information of the operating subject, and building request verification data from that biometric information in order to authenticate the operator.
Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing the relevant hardware; the program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the flows of the method embodiments above. Any reference to memory, storage, a database or another medium in the embodiments of this application may include non-volatile and/or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM) or flash memory. Volatile memory may include random access memory (RAM) or an external cache. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM) and Rambus dynamic RAM (RDRAM).
Other embodiments of the present disclosure will readily occur to those skilled in the art upon consideration of the specification and the embodiments disclosed here. This application is intended to cover any variations, uses or adaptations of the present disclosure that follow its general principles and include common knowledge or customary technical means in the technical field that are not disclosed here. The specification and embodiments are to be regarded as exemplary only, with the true scope and spirit of the disclosure indicated by the claims.
It is to be understood that the present disclosure is not limited to the precise structures described above and illustrated in the accompanying drawings, and that various modifications and changes may be made without departing from its scope. The scope of the present disclosure is limited only by the appended claims.
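As an added illustration (not code from the patent or from any implementation of it), the following Python models the data response, data mutual recognition, information identification and request response steps above, including the state synchronization rule that an offline terminal's scheme is invalid and is skipped. The envelope layout, the Terminal fields and the stand-in per-terminal "encryption scheme" (an HMAC-SHA256 counter-mode layer with an integrity tag) are assumptions, and the data identification library is modelled as a set of digests of accepted request data.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field

NONCE_LEN = 16   # bytes of per-layer nonce (constructed layout)
TAG_LEN = 16     # bytes of per-layer integrity tag (constructed layout)


@dataclass
class Terminal:
    """One IoT terminal (assumed fields): its identification code (one byte in this
    layout), its per-terminal key, its online state (consulted by the state
    synchronization rule) and its data identification library, modelled as digests
    of the request verification data it will accept."""
    tid: int
    key: bytes
    online: bool = True
    id_library: set = field(default_factory=set)

def library_entry(request_data: bytes) -> bytes:
    """Digest under which request verification data is held in an identification library."""
    return hashlib.sha256(request_data).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode stands in for a terminal's "encryption scheme" here;
    # a production device would use an authenticated cipher such as AES-GCM instead.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def layer_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag

def layer_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expect = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("layer integrity check failed: wrong scheme or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def data_response(request_data: bytes, peers: list) -> bytes:
    """Data response module: wrap the request verification data once per online peer,
    in random order. Envelope: [layer count][scheme id per layer, outermost first]
    [nested ciphertext]. Schemes of offline peers are invalid and are skipped."""
    online = [p for p in peers if p.online]
    if not online:
        raise RuntimeError("no online peer terminal can take part in verification")
    order = list(online)
    secrets.SystemRandom().shuffle(order)
    body, ids = request_data, []
    for p in order:                       # the last scheme applied is the outermost layer
        body = layer_encrypt(p.key, body)
        ids.insert(0, p.tid)
    return bytes([len(ids)]) + bytes(ids) + body

def mutual_recognition(term: Terminal, envelope: bytes):
    """Data mutual recognition module on one terminal: if the highest identification
    byte is its own, strip one layer. More than one layer left -> ("forward", envelope);
    exactly one -> ("identify", plaintext) for the information identification program."""
    n = envelope[0]
    ids, body = list(envelope[1:1 + n]), envelope[1 + n:]
    if n == 0 or ids[0] != term.tid:
        raise PermissionError(f"terminal {term.tid}: outermost scheme id is not mine")
    inner = layer_decrypt(term.key, body)
    if n > 1:
        return "forward", bytes([n - 1]) + bytes(ids[1:]) + inner
    return "identify", inner

def information_identification(term: Terminal, plaintext: bytes) -> bytes:
    """Information identification program: judge the request against this terminal's
    data identification library; the verdict carries a receiving identification byte."""
    ok = library_entry(plaintext) in term.id_library
    return bytes([term.tid]) + (b"ACCEPT" if ok else b"REJECT")

def run_chain(request_data: bytes, peers: list, registry: dict):
    """Route the envelope terminal by terminal as its identification bytes direct.
    Returns (verdict, list of terminal ids visited)."""
    env, hops = data_response(request_data, peers), []
    while True:
        tid = env[1]
        hops.append(tid)
        action, payload = mutual_recognition(registry[tid], env)
        if action == "identify":
            return information_identification(registry[tid], payload), hops
        env = payload

def request_response(verdict: bytes, expected_tid: int) -> bool:
    """Request response module: act only on an ACCEPT verdict whose receiving
    identification byte names the terminal expected to have produced it."""
    return verdict[0] == expected_tid and verdict[1:] == b"ACCEPT"
```

Because every online peer must strip its own layer before the last one can judge the request, a single compromised terminal cannot produce a valid verdict on its own, and a tampered or replayed-to-the-wrong-terminal envelope fails at the layer check rather than reaching identification.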
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210940575.6A CN115242545B (en) | 2022-08-06 | 2022-08-06 | A security management method and system for Internet of Things device data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210940575.6A CN115242545B (en) | 2022-08-06 | 2022-08-06 | A security management method and system for Internet of Things device data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115242545A true CN115242545A (en) | 2022-10-25 |
CN115242545B CN115242545B (en) | 2023-12-08 |
Family
ID=83679091
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210940575.6A Active CN115242545B (en) | 2022-08-06 | 2022-08-06 | A security management method and system for Internet of Things device data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115242545B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN120030918A (en) * | 2025-04-21 | 2025-05-23 | 四川交通职业技术学院 | Intelligent furniture collaborative design method |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2015176167A (en) * | 2014-03-13 | 2015-10-05 | Keypasco AB | Network authentication method for secure verification of user identity information |
CN106533861A (en) * | 2016-11-18 | 2017-03-22 | 郑州信大捷安信息技术股份有限公司 | Security control system and authentication method for a smart home Internet of Things |
CN107911393A (en) * | 2017-12-28 | 2018-04-13 | 北京明朝万达科技股份有限公司 | Data security management system and method |
CN110086755A (en) * | 2018-01-26 | 2019-08-02 | 巍乾全球技术有限责任公司 | Method for implementing an Internet of Things service, application server, Internet of Things device and medium |
CN110138736A (en) * | 2019-04-11 | 2019-08-16 | 泉州信息工程学院 | Identity authentication method, apparatus and device with multiple dynamic random encryption for the Internet of Things |
CN110740128A (en) * | 2019-09-27 | 2020-01-31 | 武汉虹识技术有限公司 | Offline data encryption method and device |
WO2020191928A1 (en) * | 2019-03-27 | 2020-10-01 | 深圳市网心科技有限公司 | Digital identity authentication method, device, apparatus and system, and storage medium |
US20210297246A1 (en) * | 2020-03-18 | 2021-09-23 | Realtek Semiconductor Corp. | Internet of Things networking authentication system and method thereof |
Events: 2022-08-06, application CN202210940575.6A filed (CN), granted as CN115242545B, status Active
Non-Patent Citations (2)
Title |
---|
Xia Ping, "Design of a security scheme for smart home systems", Computer Knowledge and Technology (电脑知识与技术), no. 17 * |
Huang Chao, "Technical research on security schemes for smart home systems", Digital Communication World (数字通信世界) * |
Also Published As
Publication number | Publication date |
---|---|
CN115242545B (en) | 2023-12-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111031047B (en) | Device communication method, device, computer device and storage medium |
CN111107073B (en) | Application automatic login method and device, computer equipment and storage medium | |
US20080189772A1 (en) | Method for generating digital fingerprint using pseudo random number code | |
JP2010525448A5 (en) | ||
JP2019009688A (en) | Maintenance system and maintenance method | |
US7693675B2 (en) | Method for protection of sensor node's data, a systems for secure transportation of a sensor node and a sensor node that achieves these | |
CN111508110B (en) | Method and device for realizing remote locking of vehicle | |
CN111432374A (en) | Method and device for authenticating identity of network-connected automobile network node and readable storage medium | |
TWI767064B (en) | Image transmitting device, a method of operating an image transmitting device and a system on chip | |
CN113316149B (en) | Identity security authentication method, device, system, wireless access point and medium | |
CN111083696A (en) | Communication verification method and system, mobile terminal and vehicle terminal | |
CN118827198A (en) | Log access method, system, computer device and storage medium | |
CN111479265B (en) | Information dissemination method and device, computer equipment and storage medium | |
CN115242545B (en) | A security management method and system for Internet of Things device data | |
CN108881280A (en) | Access method, content distribution network system and access system |
KR101676846B1 (en) | Mutual verification system and method performing thereof | |
CN111092734B (en) | Product activation authentication method based on ad hoc network communication | |
CN100447772C (en) | Peripheral device of programmable logic controller and method of use thereof | |
KR20160146090A (en) | Communication method and apparatus in smart-home system | |
CN114582048A (en) | NFC-based vehicle door control method, mobile terminal and vehicle | |
CN112291058A (en) | Communication method of management system and management system | |
US20230129128A1 (en) | Secure and documented key access by an application | |
CN112311738B (en) | Execution method and device of maintenance operation | |
CN115622782A (en) | Encrypted transmission method and system for power equipment | |
CN117479152A (en) | Vehicle machine debugging method, server, vehicle machine equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | | Effective date of registration: 2024-11-18. Patentee after: Shanxi Kaizhixuan Technology Co., Ltd., No. 3002, Building B, Wanda International Center, No. 175 Jiefang Road, Xinghualing District, Taiyuan City, Shanxi Province, 030000, China. Patentee before: Shanxi Vocational University of Engineering and Technology, No. 369, Wenhua Street, Yuci District, Jinzhong City, Shanxi Province, China. |